December 4, 2012

Shikha Dalmia says that the US could learn useful lessons on immigration policy from Canada:

… Canada’s provincial-nominee program is a model of economic enlightenment. Under this system, 13 provincial entities sponsor a total of 75,000 worker-based permanent residencies a year, and the federal government in Ottawa offers 55,000. Each province can pick whomever it wants for whatever reason—in effect, to use its quota, which is based on population, to write its own immigration policy.

Provinces may pick applicants left over from the federal program. They can also solicit their own applicants from anywhere in the world. In a direct attempt to poach talent from the U.S., some provinces are sponsoring H1-B holders stuck in the American labyrinth.

The government in Ottawa can’t question either the provinces’ criteria or their methods of recruitment. Its role is limited to conducting a security, criminal and health check on foreigners picked by the provinces, which has cut processing time for permanent residency to one or two years—compared with a decade or more in the U.S.

Richard Kurland, a lawyer who is considered Canada’s top immigration expert, notes that provinces use the program for diverse goals such as enhancing existing cultural or ethnic ties with other countries. Not surprisingly, the most popular reason is economic: to augment the local labor market.

The program gives British Columbia the same flexibility to sponsor, say, bricklayers as it gives Ontario to sponsor computer programmers. It doesn’t treat the entire Canadian economy as monolithic and pretend that distant federal bureaucrats can effectively cater to local job markets. (Canada’s federal program is a different story altogether.)

The UN’s International Telecommunications Union continues its in-camera campaign to wrest control of the internet from all other organizations with a new policy designed to please intrusive and authoritarian governments worldwide:

The telecommunications standards arm of the U.N. has quietly endorsed the standardization of technologies that could give governments and companies the ability to sift through all of an Internet user’s traffic – including emails, banking transactions, and voice calls – without adequate privacy safeguards. The move suggests that some governments hope for a world where even encrypted communications may not be safe from prying eyes.

At the core of this development is the adoption of a proposed international standard that outlines requirements for a technology known as “Deep Packet Inspection” (DPI). As we’ve noted several times before, depending on how it is used, DPI has the potential to be extremely privacy-invasive, to defy user expectations, and to facilitate wiretapping.

[. . .]

The ITU-T DPI standard holds very little in reserve when it comes to privacy invasion. For example, the document optionally requires DPI systems to support inspection of encrypted traffic “in case of a local availability of the used encryption key(s).” It’s not entirely clear under what circumstances ISPs might have access to such keys, but in any event the very notion of decrypting the users’ traffic (quite possibly against their will) is antithetical to most norms, policies, and laws concerning privacy of communications. In discussing IPSec, an end-to-end encryption technology that obscures all traffic content, the document notes that “aspects related to application identification are for further study” – as if some future work may be dedicated to somehow breaking or circumventing IPSec.

Several global standards bodies, including the IETF and W3C, have launched initiatives to incorporate privacy considerations into their work. In fact, the IETF has long had a policy of not considering technical requirements for wiretapping in its work, taking the seemingly opposite approach to the ITU-T DPI document, as Germany pointed out in voicing its opposition to the ITU-T standard earlier this year. The ITU-T standard barely acknowledges that DPI has privacy implications, let alone does it provide a thorough analysis of how the potential privacy threats associated with the technology might be mitigated.

These aspects of the ITU-T Recommendation are troubling in light of calls from Russia and a number of Middle Eastern countries to make ITU-T Recommendations mandatory for Internet technology companies and network operators to build into their products. Mandatory standards are a bad idea even when they are well designed. Forcing the world’s technology companies to adopt standards developed in a body that fails to conduct rigorous privacy analysis could have dire global consequences for online trust and users’ rights.

The Register‘s John Leyden on the JavaScript troubles inflicted on Tumblr the other day:

A worm spread like wildfire across Tumblr on Monday, defacing pages on the blogging website with an abusive message penned by a notorious trolling crew.

The outbreak was triggered by the GNAA, a group of anonymous troublemakers who get their kicks from winding up bloggers with offensive posts.

Tumblr temporarily halted the publication of new journal posts to prevent the worm from spreading further before restoring the service to normal a few hours later.

[. . .]

“It appears that the worm took advantage of Tumblr’s reblogging feature, meaning that anyone who was logged into Tumblr would automatically reblog the infectious post if they visited one of the offending pages,” wrote Graham Cluley, senior technology consultant at Sophos.

“It shouldn’t have been possible for someone to post such malicious JavaScript into a Tumblr post — our assumption is that the attackers managed to skirt around Tumblr’s defences by disguising their code through Base 64 encoding and embedding it in a data URI,” he added.

The U.S. Navy X-47B UCAV (unmanned combat air vehicle) made its first catapult launch on November 29th, 22 months after its first flight. This launch was not from a carrier, but an airfield built to the same size as a carrier deck and equipped with a catapult. This first launch was to confirm that the X-47B could handle the stress of a catapult launch. Another X-47B has been loaded onto the deck of a carrier, to check out the ability of the UCAV to move around the deck. If all goes well, the first carrier launch of an X-47B will take place next year, along with carrier landings. Last year the navy tested its UCAV landing software, using a manned F-18 for the test, landing it on a carrier completely under software control.

It was four years ago that the navy rolled out the first X-47B, its first combat UAV. This compact aircraft has a wingspan of 20 meters (62 feet, and the outer 25 percent folds up to save space on the carrier). It carries a two ton payload and will be able to stay in the air for twelve hours. The U.S. is far ahead of other nations in UCAV development, and this is energizing activity in Russia, Europe and China to develop similar aircraft. It’s generally recognized that robotic combat aircraft are the future, even though many of the aviation commanders (all of them pilots) wish it were otherwise. Whoever gets there first (a UCAV that really works) will force everyone else to catch up, or end up the loser in their next war with someone equipped with UCAVs.

The U.S. Navy has done the math and realized that they need UCAVS on their carriers as soon as possible. The current plan is to get these aircraft into service six years from now. But there is an effort to get the unmanned carrier aircraft into service sooner than that. The math problem that triggered all this is the realization that American carriers had to get within 800 kilometers of their target before launching bomber aircraft. Potential enemies increasingly have aircraft and missiles with range greater than 800 kilometers. The navy already has a solution in development; the X-47B UCAS has a range of 2,500 kilometers

In Time, Douglas Macgregor does his level best to persuade readers that the US Marine Corps is something the Obama administration could easily cut from the budget:

The Marines as currently organized and equipped are about as relevant as the Army’s horse cavalry in the 1930s and the Marines are not alone. They have company in the Army’s XVIII Airborne Corps.

But, first, let’s examine the Marines.

In truth, the Marines have a low-end warfare niche, but a very small one for extremely limited and unusual types of operations.

[. . .]

The capability to come ashore where the enemy is not present, then, move quickly with sustainable combat power great distances over land to operational objectives in the interior, is essential. The Marines cannot do it in any strategic setting where the opponent is capable (neither can the XVIII Airborne Corps!).

The Marines cannot confront or defeat armored forces or heavy weapons in the hands of capable opponents. Nor can the Marines hold any contested battle space for more than a very short amount of time, after which the Marine raid or short stay ashore is completed.

Adding vertical-and/or-short-takeoff-landing (V/STOL) aircraft like the F-35B, to compensate for the lack of staying power and mobility on the ground is not an answer, particularly given the severe limitations of VSTOL aircraft, and the proliferation of tactical and operational air defense technology in places that count.

The real question is how much Marine Corps do Americans need? The answer is not the 200,000 Marines we have today.